XtDhwVrVKn.exe
| Engine | Download Report | Detection | Info |
|---|---|---|---|
|
malicious
Score: 100
|
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
|
| IP | Country | Detection |
|---|---|---|
| 95.214.25.98 | Germany |  |
| 128.104.160.19 | United States |  |
| 151.101.200.193 | United States | |
| Name | IP | Detection |
|---|---|---|
| app.physics.wisc.edu | 128.104.160.19 | |
| ipv4.imgur.map.fastly.net | 151.101.200.193 | |
| i.imgur.com | 0.0.0.0 | |
| Name | Detection |
|---|---|
| http://www.bluetack.co.uk/config/trojan.zip | |
| http://www.manycam.com | |
| http://manycam.com/upload_effect?filepath= | |
| Click to see the 45 hidden entries | |
| https://ac.ecosia.org/autocomplete?q= | |
| http://www.peerblock.com/required-services | |
| http://www.manycam.com/codecVerdanaTo | |
| http://www.manycam.com/help/effects/snapshot/these | |
| http://peerguardian.sourceforge.net/lists/ | |
| http://www.symauth.com/rpa00 | |
| http://manycam.com/upload_effect?filepath=ManyCam | |
| http://www.peerblock.com | |
| https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search | |
| http://www.symauth.com/cps0( | |
| http://download.manycam.comVerdanaThis | |
| http://www.info-zip.org/ | |
| http://download.manycam.com | |
| http://www.manycam.comhttp://manycam.com/feedback/?version=%sAnchor | |
| http://www.winimage.com/zLibDll | |
| http://download.manycam.com/effects/%s/%s?v=%sManyCam | |
| http://curl.haxx.se/rfc/cookie_spec.html | |
| http://download.manycam.comNew | |
| https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q= | |
| http://manycam.com/feedback/?version=%s | |
| https://95.214.25.98:5932/c308853b38a937713/esl57g54.3bb6xkernelbasentdllkernel32GetProcessMitigatio | |
| https://95.214.25.98:5932/c308853b38a937713/esl57g54.3bb6xX | |
| http://update.peerblock.com/pb_update.php?build=41401140693 | |
| http://www.manycam.com/codec | |
| https://duckduckgo.com/chrome_newtab | |
| https://discord.com | |
| https://duckduckgo.com/ac/?q= | |
| http://www.peerblock.comhttp://forums.peerblock.comTEXTPeerBlock | |
| http://www.vmware.com/0 | |
| https://i.imgur.com/z0gTiQ2.png | |
| https://www.google.com/images/branding/product/ico/googleg_lodp.ico | |
| http://forums.peerblock.com. | |
| http://www.manycam.com/codecVerdanaThis | |
| http://download.manycam.com/effects/%s/%s?v=%s | |
| http://manycam.com/help/effects | |
| http://list.iblocklist.com/?list=?&=usernameidpinlisthttp://list.iblocklist.com/lists/ | |
| http://www.phoenixlabs.org) | |
| https://discordapp.com | |
| https://95.214.25.98:5932/c308853b38a937713/esl57g54.3bb6x | |
| http://www.vmware.com/0/ | |
| https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q= | |
| http://download.manycam.com/effects/%s/%s?v=%sBackgroundsDynamicDynamic | |
| https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command= | |
| http://www.peerblock.com/error | |
| https://www.ecosia.org/newtab/ | |
| Name | File Type | Hashes | Detection |
|---|---|---|---|
C:\Users\user\AppData\Local\Temp\aylundwhckajft |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Roaming\NotepadWizardv2\CrashRpt.dll |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Roaming\NotepadWizardv2\ManyCam.exe |
PE32 executable (GUI) Intel 80386, for MS Windows | # | |
| Click to see the 4 hidden entries | |||
C:\Users\user\AppData\Roaming\NotepadWizardv2\cv099.dll |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Roaming\NotepadWizardv2\cxcore099.dll |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Roaming\NotepadWizardv2\cximagecrt.dll |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
C:\Users\user\AppData\Roaming\NotepadWizardv2\highgui099.dll |
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | # | |
